File starboard.changes of Package starboard
-------------------------------------------------------------------
Wed Jun 25 12:26:37 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- Update to version 0.15.26:
* release: prepare v0.15.26
* chore: fix vulnerabilities (#1420)
"Bumped Go version to 1.24.4 to resolve vulnerabilities."
-------------------------------------------------------------------
Thu Apr 24 15:23:20 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- Update to version 0.15.25:
* release: prepare v0.15.25 (#1419)
* This commit will resolve the vulnerability for operator..
(#1417)
* The builds are failing due to the deprecation of Ubuntu 20.04
in GitHub Actions. Updating the runs-on parameter to a
supported version to fix it (#1418)
* DEVOPS-972: Starboard images fail on Redhat cert preflight
checks due to migging labels (#1416)
* DEVOPS-972: Starboard images fail on Redhat cert preflight
checks due… (#1415)
* Lihiz release (#1414)
-------------------------------------------------------------------
Fri Feb 28 05:47:59 UTC 2025 - opensuse_buildservice@ojkastl.de
- Update to version 0.15.24:
* Revert "DEVOPS-499: Add push to aquasec Azure reg upon
Starboard releases (#1404)" (#1413)
* Fixed: ERROR: failed to solve: dockerfile parse error on line
17: unknown instruction: ̰ (#1412)
* release: prepare v0.15.24 (#1411)
* perf: Exclude kube-bench pods from being evaluated in the
starboard (#1409)
* Fixing Vulnerabilities (#1408)
* DEVOPS-499: Add push to aquasec Azure reg upon Starboard
releases (#1404)
-------------------------------------------------------------------
Wed Dec 11 12:10:49 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 0.15.23:
* release: prepare v0.15.23 (#1407)
* Updates to controller-runtime and client-go for better
performance, bug fixes, and memory optimization. (#1406)
* No Disc space error fix and Removing the build process for UBI8
images. (#1402)
* Add cleanup and disk usage checks to GitHub Actions workflow.
(#1401)
-------------------------------------------------------------------
Mon Sep 30 16:43:07 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 0.15.22:
* release: prepare v0.15.22 (#1400)
* The vulnerabilities have been fixed by bumping the Go version
and by updating the opa. (#1398)
-------------------------------------------------------------------
Tue Jul 16 06:08:06 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 0.15.21:
* release: prepare v0.15.21 (#1395)
* fix: resolved security vulnerabilities in starboard (#1394)
-------------------------------------------------------------------
Sun Mar 17 13:39:43 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 0.15.20:
* fix: failure in goreleaser (#1390)
* fix: goreleaser pipeline failure (#1389)
* chore: remove cleanup action (#1388)
* chore: remove release pipeline cache (#1387)
* chore: remove release pipeline cache (#1386)
* chore: remove release pipeline cache (#1385)
* fix: release pipeline failure (#1384)
* release: prepare v0.15.20 (#1383)
* chore: add alpine based fips image (#1381)
* chore: update go version to 1.21 (#1380)
* chore: Add ubi9 images for starboard-operator (#1379)
-------------------------------------------------------------------
Sun Mar 17 13:37:21 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 0.15.19:
* release: prepare v0.15.19 (#1377)
* fix: Mark old revision configaudit report for deletion (#1376)
-------------------------------------------------------------------
Thu Dec 07 09:33:31 UTC 2023 - kastl@b1-systems.de
- Update to version 0.15.18:
* release: prepare v0.15.18 (#1375)
* Fix security vulnerabilities in starboard-operator:0.15.17
(#1374)
-------------------------------------------------------------------
Thu Dec 07 09:30:39 UTC 2023 - kastl@b1-systems.de
- Update to version 0.15.17:
* release: prepare-v0.15.17 (#1373)
-------------------------------------------------------------------
Thu Oct 19 05:44:21 UTC 2023 - kastl@b1-systems.de
- Update to version 0.15.16:
* release: prepare v0.15.16 (#1371)
* release: prepare v0.15.16-rc (#1370)
-------------------------------------------------------------------
Tue Sep 05 15:07:24 UTC 2023 - kastl@b1-systems.de
- Update to version 0.15.15:
* release: prepare v0.15.15 (#1369)
* release: prepare v0.15.14 (#1368)
* chore: release fips enabled images (#1364)
* opa version upgrade to latest (#1367)
* fix: Fix crd names error for roles (#1365)
- skipping non-existent release 0.15.14
-------------------------------------------------------------------
Fri Jun 16 05:13:28 UTC 2023 - kastl@b1-systems.de
- Update to version 0.15.13:
* chore: bump go version release 1.19 (#1363)
* release: prepare v0.15.13 (#1362)
* chore: resolve libssl vulnerability (#1361)
* bugfix: Support configauditing for rbac resource with capital
letter name (#1356)
* feat: Support scan latest revision for replicationController
from DeploymentConfig (#1352)
-------------------------------------------------------------------
Mon Apr 24 10:49:24 UTC 2023 - kastl@b1-systems.de
- Update to version 0.15.12:
* release: prepare v0.15.12 (#1343)
* release: prepare v0.15.12-rc (#1340)
* chore: update base image to alpine:3.17 (#1338)
* chore: bump base image and golang.org/x/net (#1335)
* chore(deps): bump k8s.io/klog/v2 from 2.70.1 to 2.90.1 (#1328)
* release: prepare v0.15.11 (#1294)
-------------------------------------------------------------------
Wed Oct 19 13:10:56 UTC 2022 - kastl@b1-systems.de
- Update to version 0.15.11:
* chore: vulnerability-CVE-2022-32149 (#1293)
* chore: add team notification on vulnerabilities found (#1288)
* chore: add team notification on vulnerabilities found (#1286)
-------------------------------------------------------------------
Fri Sep 30 05:11:07 UTC 2022 - kastl@b1-systems.de
- Update to version 0.15.10:
* release: prepare v0.15.10 (#1279)
* chore: disable aqua image scanning (#1282)
* chore: upgrade alpine v3.16.2 (#1281)
* chore: upgrade alpine v3.16.2 (#1280)
* fix: vulnerabilities (#1278)
-------------------------------------------------------------------
Sun Sep 25 07:10:38 UTC 2022 - kastl@b1-systems.de
- Update to version 0.15.9:
* release: prepare v0.15.9 (#1273)
* Using latest tag everytime for ubi-minimal (#1269)
* release: prepare v0.15.9-rc3 (#1266)
* release: prepare v0.15.9-rc2 (#1265)
* release: prepare v0.15.9-rc (#1264)
* feat: k8s resource computability (#1259)
-------------------------------------------------------------------
Wed Sep 07 12:21:46 UTC 2022 - kastl@b1-systems.de
- Update to version 0.15.8:
* release: prepare v0.15.8 (#1255)
* chore(deps): bump k8s.io/code-generator from 0.24.1 to 0.24.3 (#1233)
* chore(deps): bump k8s.io/client-go from 0.24.1 to 0.24.3 (#1231)
* chore(deps): bump github.com/open-policy-agent/opa from 0.40.0 to 0.43.0 (#1235)
* Updating license to correct location in ubi image (#1244)
-------------------------------------------------------------------
Wed Sep 07 12:19:41 UTC 2022 - kastl@b1-systems.de
- Update to version 0.15.7:
* fix: fix goreleaser to include LICENSE (#1242)
* release: prepare v0.15.7 (#1241)
* chore(deps): bump kube-bench from v0.6.6 to v0.6.9 (#1240)
* Adding existing starboard license in ubi image (#1238)
* docs(operator): add what next for trivy Q&A (#1213)
* docs: deprecation notice (#1211)
-------------------------------------------------------------------
Sat Jun 04 18:53:58 UTC 2022 - kastl@b1-systems.de
- Update to version 0.15.6:
* release: prepare v0.15.6 (#1210)
-------------------------------------------------------------------
Wed Jun 01 14:04:50 UTC 2022 - kastl@b1-systems.de
- mitigate CVE-2022-28946 (bsc#1199760)
- Update to version 0.15.5:
* release: prepare v0.15.5 (#1209)
* chore(deps): bump github.com/caarlos0/env/v6 from 6.9.2 to 6.9.3 (#1208)
* chore(deps): bump goreleaser/goreleaser-action from 2 to 3 (#1198)
* chore(deps): bump k8s.io/code-generator from 0.24.0 to 0.24.1 (#1206)
* chore(deps): bump k8s.io/cli-runtime from 0.24.0 to 0.24.1 (#1203)
* chore(deps): bump github.com/hashicorp/go-version from 1.4.0 to 1.5.0 (#1197)
* Added Region support for ECR-Registry handling. (#1191)
* chore(deps): bump github.com/google/go-containerregistry (#1196)
* chore(deps): bump sigs.k8s.io/controller-runtime from 0.11.2 to 0.12.1 (#1195)
* chore(deps): bump github.com/caarlos0/env/v6 from 6.9.1 to 6.9.2 (#1194)
* chore(deps): bump golangci/golangci-lint-action from 3.1.0 to 3.2.0 (#1188)
* chore: bump k8s.io to version 0.24.0 (#1193)
* chore(deps): bump docker/setup-qemu-action from 1 to 2 (#1178)
* chore(deps): bump docker/setup-buildx-action from 1 to 2 (#1177)
* chore(deps): bump docker/login-action from 1 to 2 (#1176)
* chore(deps): bump github.com/google/go-cmp from 0.5.7 to 0.5.8 (#1171)
* chore(deps): bump github.com/open-policy-agent/opa from 0.39.0 to 0.40.0 (#1170)
* feat(configaudit): only scan current revision of deployments (#1148)
* feat(trivy): add mirror config in helm chart (#1159)
* feat: remove 'all' category from vuln and configaudit CRDs (#1156)
* chore(deps): bump k8s.io/cli-runtime from 0.23.5 to 0.23.6 (#1153)
* chore(deps): bump k8s.io/client-go from 0.23.5 to 0.23.6 (#1151)
* chore(deps): bump k8s.io/code-generator from 0.23.5 to 0.23.6 (#1150)
* Modified Decode() to use SplitN rather than Split. This allows GCR auths to be split that contain multiple : characters. (#1126)
* chore(deps): bump github.com/emirpasic/gods from 1.15.0 to 1.18.1 (#1141)
* chore(deps): bump rajatjindal/krew-release-bot from 0.0.42 to 0.0.43 (#1139)
-------------------------------------------------------------------
Thu Apr 14 19:46:21 UTC 2022 - kastl@b1-systems.de
- Update to version 0.15.4:
* chore: fix Go code formatting (#1137)
* release: prepare v0.15.4 (#1136)
* fix: GoReleaser manifest (#1135)
* chore: build operator images based on UBI 8 Minimal (#1127)
* chore(deps): bump github.com/emirpasic/gods from 1.12.0 to 1.15.0 (#1132)
* chore(deps): bump codecov/codecov-action from 2 to 3 (#1128)
* chore(deps): bump actions/setup-python from 3.1.0 to 3.1.2 (#1129)
* chore(deps): bump actions/setup-go from 2 to 3 (#1130)
* chore(ci): fix release snapshot workflow (#1124)
* feat(trivy): configure --db-repository to get advisory database from OCI registry (#1064)
* chore(ci): grant contents permission in docs publishing workflow (#1121)
-------------------------------------------------------------------
Thu Apr 14 19:44:41 UTC 2022 - kastl@b1-systems.de
- Update to version 0.15.3:
* release: v0.15.3 (#1120)
* chore(ci): set permissions granted to the GITHUB_TOKEN (#1119)
* chore(ci): cancel any in-flight jobs for the same PR branch (#1116)
* fix: critial is a typo (#1117)
* release: prepare v0.15.2 (#1114)
-------------------------------------------------------------------
Thu Apr 14 19:43:02 UTC 2022 - kastl@b1-systems.de
- Update to version 0.15.2:
* release: prepare v0.15.2
* fix: limit the num of failure entries in compliance detail report (#1108)
* docs(contributing): use conventional commits (#1094)
* chore(deps): bump github.com/open-policy-agent/opa from 0.38.1 to 0.39.0 (#1111)
* chore(deps): bump sigs.k8s.io/controller-runtime from 0.11.1 to 0.11.2 (#1110)
* chore(deps): bump actions/setup-python from 3.0.0 to 3.1.0 (#1109)
-------------------------------------------------------------------
Mon Apr 04 14:11:23 UTC 2022 - kastl@b1-systems.de
- Update to version 0.15.1:
* release: prepare v0.15.1 (#1107)
* fix: revert CronJobs to batch/v1beta1 (#1105)
* chore: add log context when nsa update fails (#1104)
* fix: krew manifest (#1091)
-------------------------------------------------------------------
Fri Apr 01 07:05:46 UTC 2022 - kastl@b1-systems.de
- Update to version 0.15.0:
* release: prepare v0.15.0 (#1089)
* docs: add troubleshooting guide (#1082)
* docs: revisit configuration auditing (#1083)
* chore(deps): bump kube-hunter from v0.6.3 to v0.6.5 (#1088)
* chore(deps): bump kube-bench from v0.6.5 to v0.6.6 (#1087)
* docs(design): specify life cycle for ClusterVulnerabilityReport resources (#1017)
* chore: add pr template (#1084)
* docs: compliance reports support (#1079)
* docs(tutorial): Writing Custom Configuration Audit Policies (#1075)
* chore(deps): bump github.com/onsi/gomega from 1.18.1 to 1.19.0 (#1078)
* chore: nsa spec data typo (#1077)
* docs(olm): fix OperatorGroup to select all namespaces (#1074)
* release: prepare v0.15.0-rc7 (#1073)
* chore(deploy): configure operator to select all namespaces, except kube-system and starboard-system by default (#1072)
* feat: exclude certain namespaces from scanning (#1071)
* feat(vulnerabilityreports): use deterministic names for secrets associated with scan jobs (#1069)
* refactor: VulnerabilityReportReconciler to WorkloadController (#1068)
* chore: install the nsa ClusterComplianceReport resource separately (#1067)
* docs: update installation guides for v0.15.0 (#1063)
* release: prepare v0.15.0-rc6 (#1060)
* release: prepare v0.15.0-rc5 (#1058)
* release: prepare v0.15.0-rc4 (#1056)
* release: prepare v0.15.0-rc3 (#1055)
* chore(release): skip publishing to ECR (#1054)
* release: prepare v0.15.0-rc2 (#1053)
* fix(goreleaser): fix typo in container image name (#1052)
* release: prepare v0.15.0-rc1 (#1051)
* chore: change KSV038 kind type (#1050)
* docs: update configuration auditing (#1040)
* chore(deps): bump github.com/go-logr/logr from 1.2.2 to 1.2.3 (#1049)
* chore(deps): bump k8s.io/klog/v2 from 2.30.0 to 2.60.1 (#1048)
* chore(deps): bump k8s.io/code-generator from 0.23.4 to 0.23.5 (#1047)
* chore(deps): bump k8s.io/cli-runtime from 0.23.4 to 0.23.5 (#1043)
* chore(deps): bump k8s.io/api from 0.23.4 to 0.23.5 (#1044)
* chore(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 (#1046)
* chore(deps): bump actions/cache from 2 to 3 (#1042)
* feat: compliance support for cli (#1039)
* feat: add resource quota and limit range support (#1035)
* docs: add nsa 1.0 spec (#1033)
* feat: use oci image spec annotations (#1037)
* Feat/add compliance check default status (#1030)
* chore(deps): bump helm/chart-testing-action from 2.2.0 to 2.2.1 (#1026)
* chore(deps): bump github.com/open-policy-agent/opa from 0.38.0 to 0.38.1 (#1027)
* feat(cli): use built-in scanner for configuration audits (#1018)
* chore(deps): bump github.com/spf13/cobra from 1.3.0 to 1.4.0 (#1028)
* test: update compliance reconcile tests (#1021)
* refactor: use ttl check with date util (#1015)
* fix: remove compliance specKind field (#1016)
* fix(helm): grant permissions to get,list,watch ciskubebenchreports (#1013)
* chore: update release checklist (#1014)
* docs: design compliance report (#961)
* fix: generate deploy/static/starboard.yaml (#1011)
* feat: consolidate compliance and detail summary model (#1012)
* feat(compliance): add severity to checks (#1009)
* refactor: decouple policy pkg from starboard apis (#1010)
* chore(deps): bump github.com/open-policy-agent/opa from 0.37.2 to 0.38.0 (#1006)
* feat: support compliance reports (#1004)
* chore(deps): bump trivy from v0.23.0 to v0.24.2 (#1008)
* feat: enable trivy server with self-signed certificates (#1003)
* chore(deps): bump actions/checkout from 2 to 3 (#1005)
* feat: built-in OPA Rego policy-based configuration audit scanner (#971)
* docs(design): Caching Scan Results by Image Reference (#740)
* feat: allow config check to contain zero to many messages (#998)
* fix(ci): use Go 1.17 in release snapshot workflow (#997)
* chore: add script to generate deploy/static/starboard.yaml (#996)
* refactor(itest): create or update configuration objects (#995)
* chore(ci): release unversioned snapshot every night (#994)
* refactor: parse severity from name (#993)
* feat: update severity enum in config audit check (#992)
* docs: update from 2021 to 2022 (#989)
* chore(deps): bump golangci/golangci-lint-action from 2 to 3.1.0 (#988)
* chore(deps): bump actions/setup-python from 2.3.2 to 3 (#987)
* feat(aqua): add filesystem scan option (#986)
* feat(aqua-enterprise): add support for filesystem scanning (#985)
* feat: add option to run vulnerability scan jobs in workload namespace (#943)
* chore(deps): bump sigs.k8s.io/controller-runtime from 0.11.0 to 0.11.1 (#979)
* chore(deps): bump k8s.io/cli-runtime from 0.23.3 to 0.23.4 (#981)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.23.3 to 0.23.4 (#983)
* chore(deps): bump k8s.io/code-generator from 0.23.3 to 0.23.4 (#977)
* chore(deps): bump k8s.io/client-go from 0.23.3 to 0.23.4 (#980)
* chore(deps): upgrade OLM from v0.18.3 to v0.20.0 (#975)
* chore(operator): streamline installation with kubectl (#972)
* refactor: GetRelatedReplicasetName (#970)
* refactor: rename ObjectToObjectMetadata to ObjectToObjectMeta (#969)
* chore: bump batchv1beta1 to batchv1 (#968)
* feat(trivy): configure timeout (#967)
* fix: delete scan jobs if their pods have already been deleted and we cannot collect logs (#956)
* feat(trivy): mount emptyDir volume on /tmp path (#965)
* chore: add support to s390x arch (#960)
* chore(deps): bump Conftest from v0.28.2 to v0.30.0 (#964)
* chore(deps): bump Trivy from v0.22.0 to v0.23.0 (#963)
* refactor: move plugin constants from generic starboard config (#962)
* docs: integrate with ACR managed registry (#908)
* chore: support ARM architecture (#958)
* chore(deps): bump actions/setup-python from 2.3.1 to 2.3.2 (#951)
* docs(design): schedule vulnerability scans in workload's namespace (#917)
* docs(CONTRIBUTING.md): fix instructions to run integration tests (#947)
* chore(deps): bump github.com/onsi/gomega from 1.18.0 to 1.18.1 (#945)
* chore(deps): bump k8s.io/cli-runtime from 0.23.2 to 0.23.3 (#938)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.23.2 to 0.23.3 (#937)
-------------------------------------------------------------------
Wed Jan 26 07:21:53 UTC 2022 - Johannes Kastl <kastl@b1-systems.de>
- BuildRequire go1.17
-------------------------------------------------------------------
Wed Jan 26 07:08:48 UTC 2022 - kastl@b1-systems.de
- Update to version 0.14.1:
* release: prepare v0.14.1 (#932)
* chore(deps): bump Trivy from v0.20.0 to v0.22.0 (#931)
* fix: handle error when operator cannot start (#930)
* chore(deps): bump controller-runtime from v0.10.0 to v0.11.0 (#927)
* chore(deps): bump Go from 1.16 to 1.17 (#928)
* chore(deps): bump github.com/onsi/gomega from 1.17.0 to 1.18.0 (#920)
* feat: use trivy filesystem scanner (#872)
-------------------------------------------------------------------
Sun Jan 23 17:01:35 UTC 2022 - kastl@b1-systems.de
- Update to version 0.14.0:
* release: prepare v0.14.0 (#910)
* chore: scan images for vulnerabilities (#907)
* release: prepare v0.14.0-rc2 (#906)
* docs: revisit documentation pages for consistency (#905)
* docs: separate commands from output in getting started guides (#750)
* refactor: review and cleanup starboard config package (#904)
* feat: allow configuring pod template labels attached to scan jobs (#902)
* docs(design): update Scan Container Images with Trivy Filesystem Scanner (#900)
* release: prepare v0.14.0-rc1 (#901)
* docs(design): vulnerability rescan of K8s workloads based on report TTL (#863)
* feat: vulnerability rescan of K8s workloads based on report TTL (#879)
* docs(design): Scan Container Images with Trivy Filesystem Scanne (#830)
* fix: trivy uses deprecated subcommand (#891)
* refactor: pass client.Object instead of PodSpec to vulnerabilityreport.Plugin (#894)
* chore(deps): bump github.com/google/go-containerregistry (#897)
* chore(deps): bump helm/chart-testing-action from 2.1.0 to 2.2.0 (#895)
* chore(deps): bump actions/setup-python from 2 to 2.3.1 (#896)
* chore(deps): bump github.com/hashicorp/go-version from 1.3.0 to 1.4.0 (#898)
* refactor: rename kube.Object to kube.ObjectRef (#890)
* feat: allow scanning only current revision of deployment (#870)
* feat: add TRIVY_NON_SSL config and environment variable (#854)
* chore(ci): test Helm chart in the PR validation workflow (#829)
* feat(helm): make .trivyignore file a configurable value (#885)
* chore(deps): bump github.com/caarlos0/env/v6 from 6.8.0 to 6.9.1 (#881)
* chore: describe release steps (#883)
* chore(deps): bump github.com/spf13/cobra from 1.2.1 to 1.3.0 (#876)
* fix: typo in GetLogsByJobAndContainerName error message (#869)
-------------------------------------------------------------------
Fri Jan 07 13:53:16 UTC 2022 - kastl@b1-systems.de
- Update to version 0.13.2:
* release: prepare v0.13.2 (#862)
* chore(ci): publish mkdocs and Helm chart from the specified ref (#861)
* docs: review variables used in mkdocs (#860)
* fix: parse registry credentials when the auth property is blank (#859)
* test(cli): scanning images from private registries (#840)
* chore(ci): release unversioned snapshot when integration tests pass (#846)
* chore(ci) : setup golangci-lint action (#845)
* chore(deps): upgrade base alpine container images from 3.14 to 3.15 (#844)
* chore(deps): bump github.com/caarlos0/env/v6 from 6.7.2 to 6.8.0 (#843)
* docs: release v0.13.1 (#839)
-------------------------------------------------------------------
Fri Jan 07 13:50:10 UTC 2022 - kastl@b1-systems.de
- Update to version 0.13.1:
* release: prepare v0.13.1 (#838)
* fix: scan images from private registries using imagePullSecrets (#837)
* chore: test Helm chart before publishing it to Aqua repo (#819)
* chore(deps): bump k8s.io/cli-runtime from 0.22.3 to 0.22.4 (#825)
* chore(deps): bump sigs.k8s.io/controller-runtime from 0.10.2 to 0.10.3 (#820)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.22.3 to 0.22.4 (#824)
* chore(deps): bump k8s.io/client-go from 0.22.3 to 0.22.4 (#822)
* docs: add high-level diagram (#816)
* docs: update README.md (#815)
* docs: update project overview (#814)
* chore(deps): bump github.com/google/go-containerregistry (#812)
* docs: update README.md (#811)
* docs: update README.md (#809)
* docs: fix helm command to install starboard with conftest policies (#807)
* docs: release v0.13.0 (#806)
-------------------------------------------------------------------
Fri Jan 07 13:47:08 UTC 2022 - kastl@b1-systems.de
- Update to version 0.13.0:
* release: prepare v0.13.0 (#805)
* fix: list active ReplicaSets in the given namespace (#804)
* docs: review and update docs (#803)
* docs: update starboard settings (#802)
* docs(operator): update getting started guide (#801)
* docs(cli): update getting started guide (#800)
* chore(deploy): align static YAMLs with Helm templates (#799)
* chore(deps): bump github.com/onsi/gomega from 1.16.0 to 1.17.0 (#798)
* chore(deploy): add recommended labels (#797)
* chore(deploy): add service to expose Prometheus metrics (#796)
* chore(helm): remove envSecret value (#795)
* chore(deps): bump k8s.io/cli-runtime from 0.22.2 to 0.22.3 (#789)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.22.2 to 0.22.3 (#788)
* release: Prepare v0.13.0-rc2 (#786)
* chore(deps): bump conftest from v0.25.0 to v0.28.2 (#785)
* feat(conftest): assert that resource kinds are defined for policies (#784)
* refactor: remove ObjectFromLabelsSet method (#783)
* chore(reps): upgrade kube-bench from v0.6.3 to 0.6.5 (#782)
* chore: use starboard-system namespace to install the operator (#779)
* docs: update Conftest integration (#778)
* docs(tutorial): manage access to security reports (#776)
* docs: update installation with Helm (#775)
* release: Prepare v0.13.0-rc1 (#774)
* fix: cannot create vulnerability report because name is too long (#773)
* refactor(operator): use builder to construct vulnerability scan jobs (#770)
* feat(conftest): associate Rego policies with K8s resources (#752)
* docs(design): Associating Rego Policies with Kubernetes Resources (#746)
* refactor: use builder to construct vulnerability scan jobs (#768)
* fix(trivy): add Linux nodeAffinity to scan job in ClientServer mode (#769)
* test: encode objects as labels and annotations (#767)
* fix: panic when image pull secret cannot be parsed (#764)
* feat(cli): make get vulnerabilityreports cmd compatible with kubectl get cmd (#766)
* feat: Explain VulnerabilityReport and ClusterVulnerabilityReport CRDs (#765)
* docs: Integrated infrastructure scanners (#758)
* chore(deps): Bump kube-hunter from v0.6.1 to v0.6.3 (#761)
* chore(deps): Bump Polaris from v4.0 to v4.2 (#760)
* chore(deps): Bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5 (#755)
* chore(deps): Bump github.com/caarlos0/env/v6 from 6.7.1 to 6.7.2 (#754)
* fix: Resolve report owner for non workload objects (#753)
* docs: Update design docs index (#745)
* docs(design): Managing Access to Security Reports (#734)
* chore(deps): Bump sigs.k8s.io/controller-runtime from 0.10.1 to 0.10.2 (#743)
* chore(cli): Add info banner on init (#739)
* fix: CLI integration test for unmanaged pod with two containers (#738)
* chore: Upgrade Trivy from v0.19.2 to v0.20.0 (#736)
* feat(cli): Resolve report owners to be consistent with operator (#731)
* feat(crd): Remove the all category from cluster-scoped CRDs (#733)
* chore(ci): Fail fast by checking if test K8s cluster is ready before we run integration tests (#725)
* chore: Rename KubeHunterOutput to KubeHunterReportData (#730)
* docs: Describe ClusterVulnerabilityReport CR (#729)
* feat(cli): Install clustervulnerabilityreports CRD (#728)
* chore: Replace starboard get report with starboard report command (#727)
* chore(cli): Rename get subcommands to be consistent with scan subcommands (#726)
* docs: Add various design and explanation docs that we created so far (#724)
* feat(crds): Define ClusterVulnerabilityReport resource (#723)
* chore(deps): Bump sigs.k8s.io/yaml from 1.2.0 to 1.3.0 (#720)
* chore(deps): Bump sigs.k8s.io/controller-runtime from 0.10.0 to 0.10.1 (#721)
* chore(deps): Bump k8s.io/apiextensions-apiserver from 0.22.1 to 0.22.2 (#717)
* chore(deps): Bump github.com/valyala/quicktemplate from 1.6.3 to 1.7.0 (#715)
* chore(deps): Bump k8s.io/code-generator from 0.22.1 to 0.22.2 (#714)
* chore(deps): Bump k8s.io/cli-runtime from 0.22.1 to 0.22.2 (#712)
* docs: Prepare v0.12.0 (#710)
-------------------------------------------------------------------
Fri Jan 07 13:44:19 UTC 2022 - kastl@b1-systems.de
- Update to version 0.12.0:
* release: Prepare v0.12.0 (#709)
* chore(deps): Bump up OLM from v0.17.0 to v0.18.3 (#705)
* docs: Update contributing guide (#704)
* feat(trivy): Add registry mirrors to Trivy config (#673)
* release: Prepare v0.12.0-rc4 (#703)
* fix: Handle nil pod in logsReader.GetLogsByJobAndContainerName method (#699)
* chore(deps): Bump sigs.k8s.io/controller-runtime from 0.9.6 to 0.10.0 (#702)
* chore(deps): Bump github.com/caarlos0/env/v6 from 6.6.2 to 6.7.1 (#701)
* release: Prepare v0.12.0-rc3 (#696)
* feat(conftest): Push back reconciliation key if there are no policies configured (#693)
* fix(conftest): Add Deployment to supported kinds (#695)
* fix(polaris): Add Deployment to supported kinds (#694)
* chore(kube-hunter): Bump up kube-hunter from v0.4.1 to v0.6.1 (#691)
* fix(kube-hunter): Change log level from warn to none (#690)
* release: Prepare v0.12.0-rc2 (#689)
* feat(helm): Require imageRef settings (#688)
* feat: Allow plugins to specify supported resource kinds (#683)
* feat: Exclude resources created for leader election from config audit (#687)
* release: Prepare v0.12.0-rc1 (#682)
* feat: Audit configuration of other K8s objects (#644)
* chore(deps): Bumpt up k8s/io/client-go from 0.22.0 to 0.22.1 (#681)
* chore(deps): Bump k8s.io/code-generator from 0.22.0 to 0.22.1 (#680)
* chore(deps): Bump k8s.io/api from 0.22.0 to 0.22.1 (#676)
* chore(deps): Bump github.com/onsi/gomega from 1.15.0 to 1.16.0 (#677)
* feat: Install ClusterConfigAuditReport CRD (#675)
* feat(helm): Configure Trivy settings (#674)
* chore(ci): Update dependencies (#672)
* docs: Update to new community operators repository (#671)
* docs: Release v0.11.0 (#663)
-------------------------------------------------------------------
Fri Jan 07 13:34:52 UTC 2022 - kastl@b1-systems.de
- Update to version 0.11.0:
* release: Prepare v0.11.0 (#661)
* docs: Various updates (#660)
* release: Prepare v0.11.0-rc1 (#658)
* chore: Upgrade controller-runtime from v0.9.2 to v0.9.5 (#657)
* chore(trivy): Upgrade from v0.16.0 to v0.19.2 (#656)
* docs: Add sample HTML report (#650)
* docs: Update Starboard settings (#655)
* chore(polaris): upgrade polaris from v3.2 to v4.0 (#654)
* chore(polaris): Rename properties to configure resource requirements and limits (#653)
* feat(conftest): Allow configuration of resource request and limits (#648)
* chore(trivy): Rename properties to configure resource requirements and limits (#649)
* chore(ci): Upgrade KIND from v0.9.0 to v0.11.1 (#651)
* feat(polaris): Allow configuration of resource request and limits (#645)
* feat: Define interface for saving and finding ClusterConfigAuditReports (#643)
* test(trivy): Init method (#642)
* feat(trivy): Allow configuration of resource request and limits (#639)
* refactor: Rename CISKubeBenchOutput to CISKubeBenchReportData (#636)
* feat(cli): Run kube-bench on individual nodes (#549)
* chore: Bump up kube-bench from v0.5.0 to v0.6.3 (#630)
* docs: Manually delete crds installed with Helm (#629)
* chore: Bump up controller-runtime from v0.9.0 to v0.9.2 (#628)
* feat: Add scope to config audit check (#626)
* chore: Rename VulnerabilityScanResult to VulnerabilityReportData (#625)
* chore: Rename ConfigAuditResult to ConfigAuditReportData (#624)
* chore: Use the same receiver name for Trivy plugin (#623)
* refactor(trivy): Read config from starboard-trivy-config ConfigMap (#616)
* feat: Define ClusterConfigAuditReport (#622)
* chore: Update controller-runtime version from v0.7.2 to v0.9.0 (#620)
* refactor: Allow plugins to provide the default config (#611)
* refactor: Rename kube.CR_Manager to cmd.Installer (#610)
* fix(cisbenchmark): Skip Windows nodes (#608)
* refactor: Move Trivy config utilities to trivy package (#607)
* refactor: Add PluginContext to ParseVulnerabilityReportData callback (#606)
* feat(helm): Configure scanner pods tolerations and annotations (#605)
* refactor: Remove Aqua settings from generic starboard ConfigMap (#604)
* refactor: Remove config checkers settings from generic starboard ConfigMap (#603)
* refactor: Define PluginConfig object (#602)
* feat: Add PluginContext to vulnerability scan plugins (#600)
* feat(cli): Add pod template hash to vulnerability report (#599)
* refactor(cli): Use deterministic names for vulnerability scan jobs (#598)
* chore: Replace ORG_GITHUB_TOKEN secret with ORG_REPO_TOKEN (#597)
* fix: Flaky CLI Integration Test (#593)
* feat: Apply configurable tolerations to all kinds of scanners (#596)
* fix: Add updateTimestamp property to Open API spec of VulnerabilityReport (#591)
* feat: Add annotations to scan jobs spawned by Starboard (#588)
* docs: Explain how operator handles scaled workloads (#589)
* docs: Update CRD examples (#590)
* feat(trivy): Pass additional settings to Trivy client (#547)
* chore: Remove deprecated CLI commands (#558)
* feat: Add tolerations to vulnerability scan jobs (#586)
* docs: Prepare v0.10.3 (#583)
-------------------------------------------------------------------
Wed May 26 19:05:31 UTC 2021 - Johannes Kastl <kastl@b1-systems.de>
- initial version of package starboard
